Hidden File and Folder identification within the last XX-Hours/XX-Days
Get-ChildItem -Path "C:\YourDirectory" -Recurse -Force | Where-Object { $_.LastWriteTime -gt (Get-Date).AddHours(-6) }
Get-ChildItem -Path "C:\YourDirectory" -Recurse -Force | Where-Object { $_.LastWriteTime -gt (Get-Date).AddDays(-1) }
(Get-Item –Path C:\file.txt).Encrypt()
Modify ACL for the Specific File that you Need to Encrypt!
$acl = Get-Acl -Path "C:\Users\simspace\Desktop\SCADA Notes.txt"
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("simspace","FullControl","Allow")
$acl.SetAccessRule($accessRule)
Set-Acl -Path "C:\Users\simspace\Desktop\SCADA Notes.txt" -AclObject $acl
Get-CimInstance -ClassName Win32_Process -Filter "Name = 'sshd.exe'" |
Get-CimAssociatedInstance -Association Win32_SessionProcess |
Get-CimAssociatedInstance -Association Win32_LoggedOnUser |
Where-Object {$_.Name -ne 'SYSTEM'} | Ft -Wrap